mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-30 10:47:08 -06:00
c373ed5c5c
This add replication setup through two new commands: ipa-replica-prepare and ipa-replica-install. The procedure is to run ipa-replica-prepare on an existing master. This will collect information about the realm and the current master and create a file storing all of the information. After copying that file to the new replica, ipa-replica-install is run (with -r to create a read-only replica). This version of the patch also includes fixes for the sasl mappings on the replicas. Remaining features: - ssl for replication. - automatic configuration of mesh topology for master (or a simpler way to replicate multiple masters. - tool for view / configuring current replication.
18 lines
413 B
Plaintext
18 lines
413 B
Plaintext
#kerberos user
|
|
dn: uid=kdc,cn=sysaccounts,cn=etc,$SUFFIX
|
|
changetype: add
|
|
objectclass: account
|
|
objectclass: simplesecurityobject
|
|
uid: kdc
|
|
userPassword: $PASSWORD
|
|
|
|
#kerberos base object
|
|
dn: cn=kerberos,$SUFFIX
|
|
changetype: add
|
|
objectClass: krbContainer
|
|
objectClass: top
|
|
cn: kerberos
|
|
aci: (targetattr="*")(version 3.0; acl "KDC System Account"; allow (all) userdn= "ldap:///uid=kdc,cn=sysaccounts,cn=etc,$SUFFIX";)
|
|
|
|
|